基于注意力的多特征融合加密流量识别方法

孙文茜; 翟江涛; 刘光杰; 许成程

doi:10.13451/j.sxu.ns.2023116

PDF(1880 KB)

山西大学学报(自然科学版) ›› 2025, Vol. 48 ›› Issue (3) : 481-491. DOI: 10.13451/j.sxu.ns.2023116

信息科学

基于注意力的多特征融合加密流量识别方法

作者信息 +

南京信息工程大学电子与信息工程学院，江苏南京 210044

作者简介:

孙文茜（1999 $-$ ），女，江苏连云港人，硕士研究生，研究方向为多媒体与信息安全。E-mail：1421626314@qq.com

通信作者:

翟江涛（ZHAI Jiangtao），E-mail：jiangtaozhai@nuist.edu.cn

折叠

Attention-based Multi Feature Fusion Encrypted Traffic Recognition Method

Author information +

History +

摘要

针对当前加密流量识别研究中因神经网络架构导致特征信息提取不充分的问题，本文提出了一种基于注意力的多特征融合加密流量识别方法。所提方法聚焦于加密流量的层次结构特点，设计了两个并行的网络分支进行特征提取，分支一采用残差神经网络（Residual Neural Network， ResNet）提取流量的原始特征，分支二利用不规则大小卷积核组成的Inception-CNN（Convolutional Neural Networks）提取流的统计特征进行表征以补偿流量裁剪带来的信息损失。此外，本文将统计特征由现有的灰度图转换成RGBA图像的形式作为输入来帮助模型更有效地提取特征。两个分支提取到的特征被合并为新的特征向量输入到通道注意力模块中进行加权，以增强流量特征的表征能力。实验结果表明，该模型较现有典型的加密流量分类方法具有更好的表现，精度、召回率和F1-score均有明显提高，其中综合性能指标F1-score较现有方法平均提高了6%。

Abstract

To address the issue of insufficient feature information extraction caused by neural network architecture in current encrypted traffic recognition research, this paper proposes a multi-feature fusion encrypted traffic recognition method based on attention mechanism. The proposed method focuses on the hierarchical structure characteristics of encrypted traffic and designs two parallel network branches for feature extraction. Branch one uses residual neural network(ResNet) to extract the original features of traffic, while branch two uses an Inception-CNN composed of irregular-sized convolution kernels to extract statistical features of traffic for characterization and compensate for the information loss caused by traffic cropping. In addition, this paper converts the statistical features from the existing grayscale image to the RGBA image format as input to help the model more effectively extract features. The features extracted by the two branches are merged into a new feature vector and input into the channel attention module for weighting to enhance the representation ability of traffic features. The experimental results show that the proposed model performs better than existing typical encrypted traffic classification methods, with significantly improved accuracy, recall rate, and F1-score, among which the comprehensive performance metric F1-score is increased by an average of 6% compared to existing methods.

关键词

加密流量 / 残差神经网络 / 特征融合 / 流量识别

Key words

encrypted traffic / residual neural network / feature fusion / traffic identification

中图分类号

TP309

引用本文

EndNote

Ris (Procite)

Bibtex

导出引用

孙文茜 , 翟江涛 , 刘光杰 , 等. 基于注意力的多特征融合加密流量识别方法. 山西大学学报(自然科学版). 2025, 48(3): 481-491 https://doi.org/10.13451/j.sxu.ns.2023116

SUN Wenqian, ZHAI Jiangtao, LIU Guangjie, et al. Attention-based Multi Feature Fusion Encrypted Traffic Recognition Method[J]. Journal of Shanxi University(Natural Science Edition). 2025, 48(3): 481-491 https://doi.org/10.13451/j.sxu.ns.2023116

参考文献

列表( 原文顺序 | 文献年度倒序 | 文中引用次数倒序 ) 可视化分析

1	AZAB A, KHASAWNEH M, ALRABAEE S, et al. Network Traffic Classification: Techniques, Datasets, and Challenges[J]. Digit Commun Netw, 2022. DOI: 10.1016/j.dcan.2022.09.009 . 本文引用 [1]

LIN

, HU

Y S

, LIN

Y Y

, et al. PEAN: A Packet-level End-to-end Attentive Network for Encrypted Traffic Identification[C]//2021 IEEE 23rd Int Conf on High Performance Computing & Communications; 7th Int Conf on Data Science & Systems; 19th Int Conf on Smart City; 7th Int Conf on Dependability in Sensor, Cloud & Big Data Systems & Application (HPCC/DSS/SmartCity/DependSys). Haikou, Hainan: IEEE, 2022: 267-274. DOI: 10.1109/HPCC-DSS-SmartCity-DependSys53884.2021.00061 .

本文引用 [1]

3	ZHENG W P, ZHONG J H, ZHANG Q Z, et al. MTT: an Efficient Model for Encrypted Network Traffic Classification Using Multi-task Transformer[J]. Appl Intell, 2022, 52(9): 10741-10756. DOI: 10.1007/s10489-021-03032-8 . 本文引用 [1]

4	DAI J B, XU X L, GAO H H, et al. SHAPE: A Simultaneous Header and Payload Encoding Model for Encrypted Traffic Classification[J]. IEEE Trans Netw Serv Manag, 2023, 20(2): 1993-2012. DOI: 10.1109/TNSM.2022.3213758 . 本文引用 [1]

5	OKONKWO Z, FOO E, LI Q Y, et al. A CNN Based Encrypted Network Traffic Classifier[C]//Proceedings of the 2022 Australasian Computer Science Week. New York: ACM, 2022: 74-83. DOI: 10.1145/3511616.3513101 . 本文引用 [1]

6	MOORE A W, ZUEV D. Internet Traffic Classification Using Bayesian Analysis Techniques[C]//Proceedings of the 2005 ACM SIGMETRICS International Conference on Measurement and Modeling of Computer Systems. New York: ACM, 2005: 50-60. DOI: 10.1145/1064212.1064220 . 本文引用 [1]

7	TAYLOR V F, SPOLAOR R, CONTI M, et al. Robust Smartphone App Identification via Encrypted Network Traffic Analysis[J]. IEEE Trans Inf Forensics Secur, 2018, 13(1): 63-78. DOI: 10.1109/TIFS.2017.2737970 . 本文引用 [1]

8	CAO J, FANG Z, QU G, et al. An Accurate Traﬃc Classiﬁcation Model Based On Support Vector Machines[J]. Int J Netw Manag, 2017, 27(1): e1962. DOI: 10.1002/nem.1962 本文引用 [1]

9	WANG W, ZHU M, ZENG X W, et al. Malware Traffic Classification Using Convolutional Neural Network for Representation Learning[C]//2017 International Conference on Information Networking (ICOIN). Da Nang, Vitenam: IEEE, 2017: 712-717. DOI: 10.1109/ICOIN.2017.7899588 . 本文引用 [2]

10	WANG W, ZHU M, WANG J L, et al. End-to-end Encrypted Traffic Classification with One-dimensional Convolution Neural Networks[C]//2017 IEEE International Conference on Intelligence and Security Informatics (ISI). Beijing, China: IEEE, 2017: 43-48. DOI: 10.1109/ISI.2017.8004872 . 本文引用 [8]

11	LOTFOLLAHI M, SIAVOSHANI M J, ZADE R S H, et al. Deep Packet: a Novel Approach for Encrypted Traffic Classification Using Deep Learning[J]. Soft Comput, 2020, 24(3): 1999-2012. DOI: 10.1007/s00500-019-04030-2 . 本文引用 [1]

12	HE Y J, LI W. Image-based Encrypted Traffic Classification with Convolution Neural Networks[C]//2020 IEEE Fifth International Conference on Data Science in Cyberspace (DSC). New York: IEEE, 2020: 271-278. DOI: 10.1109/DSC50466.2020.00048 . 本文引用 [1]

13	HUOH T L, LUO Y, LI P L, et al. Flow-based Encrypted Network Traffic Classification with Graph Neural Networks[C]//IEEE Transactions on Network and Service Management. New York: IEEE, 2022: 1224-1237. DOI: 10.1109/TNSM.2022.3227500 . 本文引用 [8]

14	LIN P, YE K J, HU Y S, et al. A Novel Multimodal Deep Learning Framework for Encrypted Traffic Classification[J]. IEEE/ACM Trans Netw, 2023, 31(3): 1369-1384. DOI: 10.1109/TNET.2022.3215507 . 本文引用 [1]

15	IZADI S, AHMADI M, RAJABZADEH A. Network Traffic Classification Using Deep Learning Networks and Bayesian Data Fusion[J]. J Netw Syst Manage, 2022, 30(2): 25. DOI: 10.1007/s10922-021-09639-z . 本文引用 [10]

DRAPER-GIL

, LASHKARI

A H

, MAMUN

M S I

, et al. Characterization of Encrypted and VPN Traffic Using Time-related Features[C]//Proceedings of the 2nd International Conference on Information Systems Security and Privacy. Roma, Italy: SCITEPress, 2016: 407-414. DOI: 10.5220/0005740704070414 .

本文引用 [2]

17	HABIBI LASHKARI A, DRAPER GIL G, MAMUN M S I, et al. Characterization of Tor Traffic Using Time Based Features[C]//Proceedings of the 3rd International Conference on Information Systems Security and Privacy. Porto, Portugal: SCITEPress, 2017: 253-262. DOI: 10.5220/0006105602530262 . 本文引用 [1]

徐洪平, 马泽文, 易航, 等. 基于卷积循环神经网络的网络流量异常检测技术[J]. 信息网络安全, 2021(7): 54-62. DOI: 10.3969/j.issn.1671-1122.2021.07.007 .

H P

, MA

Z W

, YI

, et al. Network Traffi c Anomaly Detection Technology Based on Convolutional Recurrent Neural Network[J]. Netinfo Secur, 2021(7): 54-62. DOI: 10.3969/j.issn.1671-1122.2021.07.007 .

本文引用 [1]

19	MA Z H, LI K Y, LI Z Y, et al. Encrypted Traffic Classification Based on a Convolutional Neural Network[J]. J Phys: Conf Ser, 2022, 2400(1): 012056. DOI: 10.1088/1742-6596/2400/1/012056 . 本文引用 [1]

20	QIN J Y, LIU G J, DUAN K. A New Imbalanced Encrypted Traffic Classification Model Based on CBAM and Re-weighted Loss Function[J]. Appl Sci, 2022, 12(19): 9631. DOI: 10.3390/app12199631 . 本文引用 [1]

21	MA X L, ZHU W B, WEI J L, et al. EETC: An Extended Encrypted Traffic Classification Algorithm Based on Variant Resnet Network[J]. Comput Secur, 2023, 128: 103175. DOI: 10.1016/j.cose.2023.103175 . 本文引用 [1]

22	OBESO A M, BENOIS-PINEAU J, GARCÍA VÁZQUEZ M S, et al. Visual vs Internal Attention Mechanisms in Deep Neural Networks for Image Classification and Object Detection[J]. Pattern Recognit, 2022, 123: 108411. DOI: 10.1016/j.patcog.2021.108411 . 本文引用 [1]

基金

国家自然科学基金(61931004)

国家重点研发计划(2021QY0700)

PDF(1880 KB)

Accesses

Citation

Detail

段落导航

Received	Accepted	Published
2023-04-05	2023-06-21	2025-05-25
Issue Date
2025-06-13

选择文件类型/文献管理软件名称

选择包含的内容